public void CanDelegateAccessSelfAssessment_returns_true_with_no_completed_or_removed_assessments()
{
// Given
var candidateAssessments = Builder <CandidateAssessment> .CreateListOfSize(5).All()
.With(ca => ca.CompletedDate = null)
.With(ca => ca.RemovedDate = null)
.Build().ToList();
A.CallTo(() => selfAssessmentDataService.GetCandidateAssessments(A <int> ._, A <int> ._))
.Returns(candidateAssessments);
// When
var result = selfAssessmentService.CanDelegateAccessSelfAssessment(1, 1);
// Then
result.Should().BeTrue();
}
public void Returns_Redirect_to_access_denied_if_delegate_does_not_have_self_assessment()
{
// Given
var context = GetDefaultContext();
A.CallTo(() => selfAssessmentService.CanDelegateAccessSelfAssessment(A <int> ._, A <int> ._)).Returns(false);
// When
new VerifyDelegateUserCanAccessSelfAssessment(selfAssessmentService, logger).OnActionExecuting(context);
// Then
using (new AssertionScope())
{
context.Result.Should().BeRedirectToActionResult().WithActionName("AccessDenied")
.WithControllerName("LearningSolutions");
}
}
public void OnActionExecuting(ActionExecutingContext context)
{
if (!(context.Controller is Controller controller))
{
return;
}
var selfAssessmentId = int.Parse(context.RouteData.Values["selfAssessmentId"].ToString() !);
var delegateId = controller.User.GetCandidateIdKnownNotNull();
var canAccessSelfAssessment =
selfAssessmentService.CanDelegateAccessSelfAssessment(delegateId, selfAssessmentId);
if (!canAccessSelfAssessment)
{
logger.LogWarning(
$"Attempt to display self assessment results for candidate {delegateId} with no self assessment"
);
context.Result = new RedirectToActionResult("AccessDenied", "LearningSolutions", new { });
}
}
